<?php
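	/**
	 * Data-access class for rows of the `tbluser` table.
	 *
	 * Every query goes through the legacy mysql_* extension on whatever link
	 * db::getInstance() leaves open (the db class is not visible in this file).
	 * All scalar values are escaped or validated before they are placed in SQL.
	 * Prepared statements (mysqli/PDO) would be the durable fix, but that needs
	 * the connection handling in the db class to change as well.
	 *
	 * NOTE(review): mysql_real_escape_string() only honours the connection
	 * character set when it was set with mysql_set_charset(); confirm that
	 * db::getInstance() does so rather than issuing "SET NAMES".
	 */
	class user{
		public $TenDangNhap;	// login name; used as the row key in updateUser()
		public $MatKhau;	// password value, compared as-is by checkLogin()
		public $HoTen;		// full name
		public $Email;
		public $DienThoai;	// phone number
		public $DiaChi;		// address
		public $TrangThai;	// status, written as an unquoted integer
		public $Quyen;		// role code, written as an unquoted integer
		public $Created_Date;

		/**
		 * Make sure the default mysql_* link exists before a query is built.
		 * Presumably db::getInstance() opens or reuses the connection; that
		 * class lives outside this file.
		 */
		private function connect(){
			$db = new db();
			$db->getInstance();
		}

		/**
		 * Turn a value into a single-quoted, escaped SQL string literal.
		 * Must be called after connect(), because the escaping uses the open link.
		 */
		private function quoteString($value){
			return "'" . mysql_real_escape_string((string)$value) . "'";
		}

		/**
		 * Validate a value that is written into SQL without quotes.
		 *
		 * @return string|null the digits (optionally signed) or null when the
		 *                     value is not a plain integer
		 */
		private function intLiteral($value){
			$text = (string)$value;
			// \z instead of $ so that a trailing newline is rejected too.
			return preg_match('/^-?[0-9]+\z/', $text) ? $text : null;
		}

		/**
		 * Run a SELECT and collect every row as an object.
		 * A failed query yields an empty list instead of a warning from
		 * mysql_num_rows(false).
		 */
		private function fetchRows($sql){
			$rows = array();
			$rs = mysql_query($sql);
			if($rs === false) return $rows;
			while($rc = mysql_fetch_object($rs)){
				$rows[] = $rc;
			}
			return $rows;
		}

		/**
		 * Run a SELECT and return its first row, or null when the query
		 * fails or matches nothing.
		 */
		private function fetchFirst($sql){
			$rs = mysql_query($sql);
			if($rs === false) return null;
			$rc = mysql_fetch_object($rs);
			return $rc ? $rc : null;
		}

		/**
		 * List users matching a caller-supplied condition.
		 *
		 * SECURITY: $where and $order are raw SQL fragments and cannot be
		 * escaped here without breaking them. Callers must assemble them from
		 * constants or allow-listed column names and must escape any value
		 * they embed; request input must never be passed through directly.
		 *
		 * @param string $where SQL condition without the WHERE keyword, or ''
		 * @param string $order SQL ordering without ORDER BY, or ''
		 * @return array|null list of row objects, or null when nothing matched
		 */
		public function getUserByWhere($where, $order){
			$this->connect();
			$sql = "select * from tbluser";
			if($where != '') $sql .= ' where ' . $where;
			if($order != '') $sql .= ' order by ' . $order;
			$rows = $this->fetchRows($sql);
			return count($rows) > 0 ? $rows : null;
		}

		/**
		 * Same as getUserByWhere(), limited to one page of __PAGE_SIZE rows.
		 *
		 * SECURITY: $where and $order are raw SQL fragments (see
		 * getUserByWhere()); only $pos is sanitised here.
		 *
		 * @param string $where SQL condition without the WHERE keyword, or ''
		 * @param string $order SQL ordering without ORDER BY, or ''
		 * @param int    $pos   zero-based row offset of the page
		 * @return array|null list of row objects, or null when nothing matched
		 */
		public function getUserByWherePaging($where, $order, $pos){
			$this->connect();
			$sql = "select * 
					from tbluser ";
			if($where != '') $sql .= ' where ' . $where;
			if($order != '') $sql .= ' order by ' . $order;
			// The offset is forced to a non-negative integer so it cannot carry SQL.
			$offset = max(0, (int)$pos);
			$sql .= ' limit '.$offset.','.(int)__PAGE_SIZE;
			$rows = $this->fetchRows($sql);
			return count($rows) > 0 ? $rows : null;
		}

		/**
		 * Look up one user by login name.
		 *
		 * @param string $tendangnhap login name
		 * @return object|null the row, or null when there is no such user
		 */
		public function getUserByTenDangNhap($tendangnhap){
			$this->connect();
			$sql = "select * from tbluser where TenDangNhap = ".$this->quoteString($tendangnhap);
			return $this->fetchFirst($sql);
		}

		/**
		 * Insert a new row; values are positional in table column order.
		 *
		 * @param object $user object carrying the public fields of this class
		 * @return bool true on success; false when the query fails or when
		 *              TrangThai / Quyen is not a plain integer
		 */
		public function insertUser($user){
			$this->connect();
			$status = $this->intLiteral($user->TrangThai);
			$role = $this->intLiteral($user->Quyen);
			// Refuse rather than coerce: a malformed role must not silently
			// become some other role code.
			if($status === null || $role === null) return false;
			$sql = "Insert tbluser values("
				.$this->quoteString($user->TenDangNhap).","
				.$this->quoteString($user->MatKhau).","
				.$this->quoteString($user->HoTen).","
				.$this->quoteString($user->Email).","
				.$this->quoteString($user->DienThoai).","
				.$this->quoteString($user->DiaChi).","
				.$status.","
				.$role.","
				.$this->quoteString($user->Created_Date).")";
			return mysql_query($sql) ? true : false;
		}

		/**
		 * Update every editable column of the row keyed by TenDangNhap.
		 *
		 * @param object $user object carrying the public fields of this class
		 * @return bool true on success; false when the query fails or when
		 *              TrangThai / Quyen is not a plain integer
		 */
		public function updateUser($user){
			$this->connect();
			$status = $this->intLiteral($user->TrangThai);
			$role = $this->intLiteral($user->Quyen);
			if($status === null || $role === null) return false;
			$sql = "Update tbluser set MatKhau=".$this->quoteString($user->MatKhau)
				.",HoTen=".$this->quoteString($user->HoTen)
				.", Email=".$this->quoteString($user->Email)
				.",DienThoai=".$this->quoteString($user->DienThoai)
				.",DiaChi=".$this->quoteString($user->DiaChi)
				.",TrangThai=".$status
				.",Quyen=".$role
				." where TenDangNhap =".$this->quoteString($user->TenDangNhap);
			return mysql_query($sql) ? true : false;
		}

		/**
		 * Return the user whose login name and stored password both match.
		 *
		 * NOTE(review): $pass is compared directly with the MatKhau column.
		 * Whether callers hash it first is not visible here; if the column
		 * holds plaintext, move to password_hash()/password_verify().
		 *
		 * @param string $username login name
		 * @param string $pass     password value as stored in MatKhau
		 * @return object|null the row, or null when the credentials do not match
		 */
		public function checkLogin($username, $pass){
			$this->connect();
			// Single-quoted literals, so the query also holds under ANSI_QUOTES.
			$sql = 'select * from tbluser where TenDangNhap = '.$this->quoteString($username)
				.' and MatKhau = '.$this->quoteString($pass);
			return $this->fetchFirst($sql);
		}

		/**
		 * Like checkLogin(), but only for rows whose Quyen is not 2.
		 *
		 * NOTE(review): this is a deny-list check, so every role code other
		 * than 2 passes; an allow-list of the admin codes would be safer if
		 * more roles are ever added.
		 *
		 * @param string $username login name
		 * @param string $pass     password value as stored in MatKhau
		 * @return object|null the row, or null when the credentials do not match
		 */
		public function checkLoginAdmin($username, $pass){
			$this->connect();
			$sql = 'select * from tbluser where Quyen <> 2 and TenDangNhap = '.$this->quoteString($username)
				.' and MatKhau = '.$this->quoteString($pass);
			return $this->fetchFirst($sql);
		}
	}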
?>